- removed space escapes from MySQL SHOW GRANTS regex

- proper checking for with grant option (if this is not the only option the user has)
- added revoking of grant option
reviewable/pr18780/r1
Stijn Opheide 12 years ago
parent 049e14e7d1
commit a090d6cef7

@ -170,12 +170,12 @@ def privileges_get(cursor, user,host):
cursor.execute("SHOW GRANTS FOR %s@%s", (user,host)) cursor.execute("SHOW GRANTS FOR %s@%s", (user,host))
grants = cursor.fetchall() grants = cursor.fetchall()
for grant in grants: for grant in grants:
res = re.match("GRANT\ (.+)\ ON\ (.+)\ TO\ '.+'@'.+'[\ IDENTIFIED\ BY\ PASSWORD\ '.+']?\ ?(.*)", grant[0]) res = re.match("GRANT (.+) ON (.+) TO '.+'@'.+'( IDENTIFIED BY PASSWORD '.+')? ?(.*)", grant[0])
if res is None: if res is None:
module.fail_json(msg="unable to parse the MySQL grant string") module.fail_json(msg="unable to parse the MySQL grant string")
privileges = res.group(1).split(", ") privileges = res.group(1).split(", ")
privileges = ['ALL' if x=='ALL PRIVILEGES' else x for x in privileges] privileges = ['ALL' if x=='ALL PRIVILEGES' else x for x in privileges]
if res.group(3) == "WITH GRANT OPTION": if "WITH GRANT OPTION" in res.group(4):
privileges.append('GRANT') privileges.append('GRANT')
db = res.group(2).replace('`', '') db = res.group(2).replace('`', '')
output[db] = privileges output[db] = privileges
@ -205,6 +205,8 @@ def privileges_unpack(priv):
def privileges_revoke(cursor, user,host,db_table): def privileges_revoke(cursor, user,host,db_table):
query = "REVOKE ALL PRIVILEGES ON %s FROM '%s'@'%s'" % (db_table,user,host) query = "REVOKE ALL PRIVILEGES ON %s FROM '%s'@'%s'" % (db_table,user,host)
cursor.execute(query) cursor.execute(query)
query = "REVOKE GRANT OPTION ON %s FROM '%s'@'%s'" % (db_table,user,host)
cursor.execute(query)
def privileges_grant(cursor, user,host,db_table,priv): def privileges_grant(cursor, user,host,db_table,priv):

Loading…
Cancel
Save